Claim Challenge

POST

claim

Claim challenge

curl --request POST \
  --url https://api.authsignal.com/v1/claim \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "challengeId": "<string>",
  "userId": "<string>",
  "skipVerificationCheck": true
}
'

{
  "token": "<string>",
  "verificationMethod": "SMS"
}

Authorizations

Authorization

string

header

required

Use your Authsignal secret key as the username and leave the password empty. The secret key can be found in the API Keys section of the Authsignal Portal settings page.

Body

application/json

challengeId

string

required

The ID of the challenge.

userId

string

required

The ID of the user.

skipVerificationCheck

boolean

If set to true, the requirement to call Verify Challenge before claiming the challenge on behalf of a user will be skipped. This option may be used in scenarios where an OTP code has been verified independently of Authsignal. It should be used with caution and could introduce security risks if used incorrectly. Defaults to false.

Response

token

string

required

A short-lived token which can be used subsequently in your integration to validate that the challenge was completed successfully by the user.

verificationMethod

enum<string>

required

The verification method used to complete the challenge.

Available options:

SMS,

EMAIL_OTP

Validate ChallengeValidate the result of a challenge using a token obtained after redirecting back from the pre-built UI or returned by an Authsignal SDK.

⌘I

Claim challenge

curl --request POST \
  --url https://api.authsignal.com/v1/claim \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "challengeId": "<string>",
  "userId": "<string>",
  "skipVerificationCheck": true
}
'

{
  "token": "<string>",
  "verificationMethod": "SMS"
}

API reference

Server API

Client API

Management API

Call Connect API

Terminal API

Authorizations

Body

Response